wp-verify
wp-verify is intended to verify the validity of any given (base) wordpress install. It is run from CLI against an FTP or FTPS server (the latter is preferred).
wp-verify works by following these steps:
- Download the original release from wordpress.org
- Verify it's md5sum
- Unpack to --data-dir (default:
sys_get_temp_dir()) - Connect via FTP(S)
- [Optional] Download a list of installed plugins
- Download the original sources for each plugin
- Build an array of an md5sum of every file in the release
- [Optional] Build an array of an md5sum of every file in the plugins
- Download each file from the FTP(S) and compare it's md5sum to that of the original
Additionally I hope to allow verification of a local set of files against the server too, for custom modifications, plugins and themes.
Example
./wp-verify.php -v3.0.1 -fftp.example.org -uUSERNAME -p -w/htdocs/blog
Retrieving Wordpress 3.0.1...... done!
Verifying build...... verified!
Unpacking Wordpress...... complete!
FTP Password: [input here]
Testing remote connection...... success!
Retrieving Plugin List...... found 11 plugins.
Retrieving Plugins................. success!
Generating MD5sums......................................................................................................... done!
Comparing 300 remote files................................................................................. complete!
----------------------- Failed files -----------------------
| Filename |
| index.php |
Libraries
wp-verify uses several libraries to complete it's work.
- Devin Doucette's Archive Classes
- PHP CLI Framework (http://cliframework.com/)
- This basic CLI framework does some of the boring CLI stuff